7f89d1887e2270ae94c9b4aab95e16f3f73df74055f2e114bc7bcc42a0061492 | Triage

Sharing

General

Target

2024-09-19_43f03fa573e3f16bb5d5ea2ec1b05f5c_cryptolocker
Size

68KB
Sample

240919-e16hma1bph
MD5

43f03fa573e3f16bb5d5ea2ec1b05f5c
SHA1

f5fff4a1e49f19c8f6a2f4ebc33d49203d768aab
SHA256

7f89d1887e2270ae94c9b4aab95e16f3f73df74055f2e114bc7bcc42a0061492
SHA512

775346de3ed1fdf3a1f6b08e3fe69c8f1e6334829abad4fe9d205fa82c9cfce69efd135d278edacafc2fe4af4b89f4e7a7e749589959adafc4249040a6ea20cf
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2l9tMPvdfGy7l:TCjsIOtEvwDpj5HE/OUHnSMY2

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-19_43f03fa573e3f16bb5d5ea2ec1b05f5c_cryptolocker
- Size
  
  68KB
- MD5
  
  43f03fa573e3f16bb5d5ea2ec1b05f5c
- SHA1
  
  f5fff4a1e49f19c8f6a2f4ebc33d49203d768aab
- SHA256
  
  7f89d1887e2270ae94c9b4aab95e16f3f73df74055f2e114bc7bcc42a0061492
- SHA512
  
  775346de3ed1fdf3a1f6b08e3fe69c8f1e6334829abad4fe9d205fa82c9cfce69efd135d278edacafc2fe4af4b89f4e7a7e749589959adafc4249040a6ea20cf
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2l9tMPvdfGy7l:TCjsIOtEvwDpj5HE/OUHnSMY2
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2